Lam, Chung, Gu and Sun (2003) proposed a lightweight security mechanism for mobile commerce transactions to meet the security needs in the face of the resource constraints of mobile devices. End-to-end security between the mobile device and the mobile commerce provider is established. However, its security builds on the assumption that customers can confirm every mobile commerce provider's public key by themselves before each transaction. Moreover, the mechanism still produces high overhead on the mobile device. This paper elucidates the causes of these drawbacks, and an enhanced mechanism is also proposed to protect mobile commerce transactions more effectively and efficiently.